Posted
by
timothyon Saturday August 10, 2013 @06:32PM
from the open-book dept.

slash-sa writes with a link to an opinion piece from Cory Doctorow that begins: "The European Parliament is currently involved in a wrangle over the new General Data Protection Regulation. At stake are the future rules for online privacy, data mining, big data, governmental spying (by proxy), to name a few. Hundreds of amendments and proposals are on the table, including some that speak of relaxing the rules on sharing data that has been "anonymised" (had identifying information removed) or "pseudonymised" (had identifiers replaced with pseudonyms). This is, however, a very difficult business, with researchers showing how relatively simple techniques can be used to re-identify the data in large anonymised data sets, by picking out the elements of each record that make them unique."

NOTE: if you want to take information about me from someone else I gave my information to, then ASK ME. It will be under the same conditions as the other person: consideration for the use and/or the data remains mine, not yours.

Microsoft Disagrees.

In an open letter to Microsoft sent January 15, 2013, the Office of the Australian Information Commissioner questioned whether Microsoft was really committed to privacy, based on a series of privacy summits the company organized last November. Specifically, the OAIC expressed "reservations" about one of the "discussion topics" Microsoft encouraged attendees to discuss.

The meetings proposed rewriting the so-called "Collection Limitation Principle," which states: "There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject."

The report published by Microsoft states this "discussion version" was used:

"Data should be obtained by lawful and fair means and in a transparent manner. Data should not be collected in a manner likely to cause unjustified harm to the individual unless required by law. 'Harm' may include more than physical injury."

The OAIC worried that the revised discussion version placed no limitations on the collection of personal data. And the report said as much:

"[T]he requirement in the original OECD principle that data be collected, 'when appropriate,' with the 'knowledge or consent of the data subject,' seems to ignore the reality of the extraordinary volume of data that is generated today through routine activities and transactions and near-ubiquitous sensors (such as surveillance cameras, location monitoring by smart phones, and embedded computers in cars and other devices). Often, knowledge or consent of data collection in these situations is either nonexistent or likely to be so vague as to be meaningless. No one suggested that knowledge is not important, or that consent may not be appropriate in some settings, but there seems a real risk that the 'where appropriate' exception could swallow the entire principle, given today’s technology landscape."

Cory's site has 7 tracking services that track you every time you logon to his site, and correlate with a multitude of sites that also track everywhere you go online. I would think if you're going to promote digital privacy, the first thing you would do is remove the four google tracking systems installed on your website.

I'm not sure if I would classify that as "his site". He's one of many bloggers. His site [craphound.com], only seems to block 2 cookies (using ghostery), and they are twitter and wordpress stats. I would classify those as at least not completely terrible. That being said, My browser reported blocking 9 things from Boing Boing. That's just a little bit crazy. It's probably one of the highest number of blocks that I've seen a "legitimate" site.

He's listed on the Masthead as a founding member. I don't know what better credentials are needed to call it "his site". Should I have said "his commercial site" and then in subtext mentioned "his personal blog"?

"I'm not sure if I would classify that as "his site". He's one of many bloggers. His site, only seems to block 2 cookies (using ghostery), and they are twitter and wordpress stats."

He blogs there, it's his site. There is no reason to split hairs. He is famous enough, he can blog wherever he damned well pleases, and he pleases to do it on Boing Boing. So it's "his site". Or where he chooses to blog.

Having said that, there are at least 7 javascript libraries on the site, 2 that appear on Ghostery, that are potential trackers, and some of them are definitely trackers.

Cookies are managed by the user. Scripts that are written to replace rather than sit along side HTML are the problem. Scripts are managed, primarily, by tool-set developers. That makes the script monkeys the evil guys.

Yeah I had to say the irony is moist and delicious when the guy banging the drum for Internet privacy has the largest number of red flags from PrivDog I have ever seen at 10, hell the porn sites don't have that much damned tracking!

Ya know as much as I hate RMS that is one thing I'll give him credit for, i went to his website and there is ZERO tracking going on, it was 100% tracker free. I found that refreshing and it was nice to see there are still some that walk the walk and not just talk the talk.

I think a good first step would be to make life tougher for cyberbullies who post images and documents with the clear intention of destroying someone's reputation or making them the subject of ridicule. Whether such incidents would be sanctioned would depend on how public the documents were, whether the victim was a celebrity or public person (e.g. high-ranking government or corporate official), whether the victim knowingly participated in either the photographing or the posting of the images/documents, et

If you overshare, then every script-kiddie on the planet will be able to hack your life.No law available to our Fearless Leaders can prevent abuse of the system by our National Security Industry. Forget about any sort of reigning in of the God-given Rights of our Owners.Vote as if it mattered. Ha-Haa!

It is worth noting that this topic is among the "codecision" matters for which the EU parliament has a word to say. But even in that case it is still long away from being a real parliament. The European Commission proposed the initial draft, and it can strip the amendment voted by the parliament (it already happened). Moreover the parliament will have to agree with the European council, which is made of member states' government representative, and acts as a upper house in the EU framework.

The interesting point here, is that the wholedebate is just : The owners of some structures, some creepy sponsors or control freaks, and those on their paychecks (less than 1% of the population reweighted by the strength of their lobbies) vs. The Users (99% of the population; be serious, noboby likes to be followed, spyed on, to receive more junk publicity at least).
Now lest's see what democracy is about...
For me, the simple fact that it did manage to create a wrangle, points to a problem.

But the EU is not a democracy. The elected parliament has little power: it cannot start a directive draft. it cannot have the last word on amendments. It can reject a directive, that is its only real power, but that only apply to a limited range of matters for which the parliament is involved. For many matters, it happens at the European Commission, the European Council, or between both of them.

The horror show continues: the executive powers of member states act as a legislative power at the EU level, since

I remember when facebook got big enough that I finally decided to create an account there. Not because I wanted to share private details of my life with my friends. Because the FB audience was big enough that I felt compelled to have some representation there. What my timeline displays is what I call a public profile. Think of it as the linked in for hobbies and vacation travel. Don't publish anything that wouldn't hold up in a criminal investigation. I'm not saying lie. Remember Andy Warhol's now famous "15 minutes of fame" quote? Well, famous people need a PR manager. In today's "15 minutes of fame" world, everyone needs their own DIY PR manager. Think like a PR manager before you post.

i hate to say this as i hate the surveillance state as much as the next guy but there's this one security camera right on my walk to work and the only way to not walk by it would cost an extra five minutes but i always think anti-government thoughts when i go past it until one day i saw they actually caught a murderer with it, some dude blasted a cabbies head off during a robbery attempt and luckily they had a clear picture of the guy from that camera which i could tell because i go by it every day, i was like "holy shit". now don't get me wrong i know the nsa could use some facial recognition shit to match me to some protest and then find my route i walk to work every day from a database and do something to me or whatever but...on the other hand some of these cameras really do reduce crime on a local level, key part being "local level", the nsa doesn't need a feed from that camera, but i have no problem with the local pd watching it.

I would have no problem with security cameras having local storage that the cops could come and access when necessary, but I'm not crazy about the idea of every security camera being linked back to some central location where you could be tracked 24.7 every time you leave the house.

That small extra degree of difficulty would be enough to provide a lot of extra privacy protection

He is a public figure. He does speak about these issues frequently and held various position in various organization about privacy and copyright issues. I'd say he is the closest thing we have to an expert on privacy from the societal perspective (instead of the technological one).

Personnaly, I like his writing style in novels. But I tend not to like his blog.

Disclaimer: I am affiliated with one of the initiatives about to be mentioned.

While anonymization and pseudonymization can be broken with access to related datasets, secure computation is harder to break. There are various ongoing efforts like IBM's HElib (https://github.com/shaih/HElib) and Cybernetica's Sharemind (https://sharemind.cyber.ee) among many others. These tools allow you to build data analysis systems that will not see the data and will work nicely in an environment of distrust.